Douglas Brown has a few helpful hints to help you write your PHP code defensively, protecting your code from malicious attackers.

The phenomenal growth of PHP applications has also led to a mushrooming of increased quantum of malicious activity. It thus becomes imperative that you write secure PHP code to protect your website. Here are some tips for the same. The three most vulnerable aspects of PHP that can become easily accessible to anyone are XSS (Cross Site Scripting), Global Variables and SQL code.

He details what each is and how you can protect your code against the problems they cause. Some example code is included to give you a better idea of the possible solution.

Pierre-Alain Joye has posted a reminder about an event happening on the 29th of January (2007) with Damien Séguy in Paris concerning PHP security.

He will focus on the XSS and CSRF aspects of the web applications: sources of the vulnerabilities, attacks/exploits and the defense techniques. I will sadly not attend but such events are rare enough to be mentioned loudly.

Pierre-Alain Joye has posted a reminder about an event happening on the 29th of January (2007) with Damien Séguy in Paris concerning PHP security.

He will focus on the XSS and CSRF aspects of the web applications: sources of the vulnerabilities, attacks/exploits and the defense techniques. I will sadly not attend but such events are rare enough to be mentioned loudly.